The threat landscape for cyber attacks is constantly changing and evolving, so it is helpful to understand the common ways in which it changes, as well as ways to keep on top of emerging and evolving threats.
Ways in which the threat landscape can evolve
- Threat actors can change, and new threat actors can emerge
- Motivations of threat actors can change
- Geopolitical circumstances can change
- New means of exploitation and new vulnerabilities can be discovered or developed
- New technology can alter the threat landscape
- Level of impact achievable as we shift to a more online world changes as well
Vulnerability management and threat intelligence
Having a robust vulnerability and patch management process will enable you to keep on top of new and emerging vulnerabilities and threats. You can subscribe to services that will inform you and your suppliers of new vulnerabilities within the equipment and services that you use. It is recommended that you have a robust and open vulnerability and risk management process agreed with your suppliers. This needs to be an open dialogue where you review critical vulnerabilities and put appropriate actions in place.
It is also equally important to keep on top of emerging threats. Threat intelligence can be used to understand how threat actors and attack vectors are changing. It can be hard to filter through all the quantities of information available. It can be helpful to run regular threat modelling exercises within your organisation and with your suppliers to ensure that you are focusing resources and effort on the highest risk areas.
You can also subscribe to services like the Cyber Security Information Sharing Partnership or CISP for short which is a joint industry and government digital service to allow UK organisations to share cyber threat information in a secure and confidential way. Keeping an awareness of supply chain incidents will help you keep on top of your cyber security arrangements. You should have a process to review recent supply chain incidents and review the root cause to ensure that you are not vulnerable in the same way.
This is a two way process and it is important that you also share incidents and near misses with other councils and organisations so that they can learn from you.
Consulting with experts
To stay on top of emerging or evolving threats, you can also work with experts or experienced personnel involved in supply chain cyber security from within your own council, the local government sector and beyond. By consulting with experts in a bid to stay on top of evolving threats, your council may wish to consider the following:
- Gather business information on supply chain activities which will help you understand what is going well and where gaps may exist; and
- Gain insights on supply chain assurance to help you understand whether the focus of your activities are directed for best effect as well as what can be optimised and changed to become more efficient or yield better results?
You can take advantage of forums like local Warning, Advice and Reporting Points also known as WARPS to consult with experts. The LGA’s cyber, digital and technology team are also on hand to support.